net.shibboleth.idp.authn

Class ExternalAuthentication

java.lang.Object

net.shibboleth.idp.authn.ExternalAuthentication

public class ExternalAuthentication
extends Object

Public interface supporting external authentication outside the webflow engine.

Field Summary

Fields

Modifier and Type	Field and Description
static String	AUTHENTICATION_ERROR_KEY Request attribute to which an error message may be bound.
static String	AUTHENTICATION_EXCEPTION_KEY Request attribute to which an exception may be bound.
static String	AUTHENTICATION_INSTANT_KEY Request attribute to which an authentication timestamp may be bound.
static String	AUTHN_METHOD_PARAM Deprecated.
static String	CONVERSATION_KEY Parameter supplied to identify the per-conversation structure in the session.
static String	DONOTCACHE_KEY Request attribute to which a signal not to cache the result may be bound.
static String	FORCE_AUTHN_PARAM Request attribute that indicates whether the authentication request requires forced authentication.
static String	PASSIVE_AUTHN_PARAM Request attribute that indicates whether the authentication requires passive authentication.
static String	PRINCIPAL_KEY Request attribute to which user's principal should be bound.
static String	PRINCIPAL_NAME_KEY Request attribute to which user's principal name should be bound.
static String	RELYING_PARTY_PARAM Request attribute that provides the entity ID of the relying party that is requesting authentication.
static String	SUBJECT_KEY Request attribute to which user's subject should be bound.

Constructor Summary

Constructors

Constructor and Description
ExternalAuthentication()

Method Summary

Methods

Modifier and Type	Method and Description
protected void	doFinish(HttpServletRequest request, HttpServletResponse response) Complete a request for external authentication by seeking out the information stored in request attributes and transferring to the session's conversation state, and then transfer control back to the authentication web flow.
protected void	doStart(HttpServletRequest request) Initialize a request for external authentication by seeking out the information stored in the servlet session and exposing it as request attributes.
static void	finishExternalAuthentication(String key, HttpServletRequest request, HttpServletResponse response) Complete a request for external authentication by seeking out the information stored in request attributes and transferring to the session's conversation state, and then transfer control back to the authentication web flow.
protected org.opensaml.profile.context.ProfileRequestContext	getProfileRequestContext(HttpServletRequest request) Get the ProfileRequestContext associated with a request.
static org.opensaml.profile.context.ProfileRequestContext	getProfileRequestContext(String key, HttpServletRequest request) Get the ProfileRequestContext associated with a request.
static String	startExternalAuthentication(HttpServletRequest request) Initialize a request for external authentication by seeking out the information stored in the servlet session and exposing it as request attributes.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CONVERSATION_KEY

@Nonnull
@NotEmpty
public static final String CONVERSATION_KEY

Parameter supplied to identify the per-conversation structure in the session.

See Also:

Constant Field Values

PRINCIPAL_KEY

@Nonnull
@NotEmpty
public static final String PRINCIPAL_KEY

Request attribute to which user's principal should be bound.

See Also:

Constant Field Values

PRINCIPAL_NAME_KEY

@Nonnull
@NotEmpty
public static final String PRINCIPAL_NAME_KEY

Request attribute to which user's principal name should be bound.

See Also:

Constant Field Values

SUBJECT_KEY

@Nonnull
@NotEmpty
public static final String SUBJECT_KEY

Request attribute to which user's subject should be bound.

See Also:

Constant Field Values

AUTHENTICATION_INSTANT_KEY

@Nonnull
@NotEmpty
public static final String AUTHENTICATION_INSTANT_KEY

Request attribute to which an authentication timestamp may be bound.

See Also:

Constant Field Values

AUTHENTICATION_ERROR_KEY

@Nonnull
@NotEmpty
public static final String AUTHENTICATION_ERROR_KEY

Request attribute to which an error message may be bound.

See Also:

Constant Field Values

AUTHENTICATION_EXCEPTION_KEY

@Nonnull
@NotEmpty
public static final String AUTHENTICATION_EXCEPTION_KEY

Request attribute to which an exception may be bound.

See Also:

Constant Field Values

DONOTCACHE_KEY

@Nonnull
@NotEmpty
public static final String DONOTCACHE_KEY

Request attribute to which a signal not to cache the result may be bound.

See Also:

Constant Field Values

FORCE_AUTHN_PARAM

@Nonnull
@NotEmpty
public static final String FORCE_AUTHN_PARAM

Request attribute that indicates whether the authentication request requires forced authentication.

See Also:

Constant Field Values

PASSIVE_AUTHN_PARAM

@Nonnull
@NotEmpty
public static final String PASSIVE_AUTHN_PARAM

Request attribute that indicates whether the authentication requires passive authentication.

See Also:

Constant Field Values

AUTHN_METHOD_PARAM

@Deprecated
@Nonnull
@NotEmpty
public static final String AUTHN_METHOD_PARAM

Deprecated.

Request attribute that provides which authentication method should be attempted.

See Also:

Constant Field Values

RELYING_PARTY_PARAM

@Nonnull
@NotEmpty
public static final String RELYING_PARTY_PARAM

Request attribute that provides the entity ID of the relying party that is requesting authentication.

See Also:

Constant Field Values

Constructor Detail

ExternalAuthentication

public ExternalAuthentication()

Method Detail

startExternalAuthentication

@Nonnull
@NotEmpty
public static String startExternalAuthentication(@Nonnull
                                                  HttpServletRequest request)
                                          throws ExternalAuthenticationException

Initialize a request for external authentication by seeking out the information stored in the servlet session and exposing it as request attributes.

Parameters:

request - servlet request

Returns:

a handle to subsequent use of finishExternalAuthentication(java.lang.String, HttpServletRequest, HttpServletResponse)

Throws:

ExternalAuthenticationException - if an error occurs

finishExternalAuthentication

public static void finishExternalAuthentication(@Nonnull@NotEmpty
                                String key,
                                @Nonnull
                                HttpServletRequest request,
                                @Nonnull
                                HttpServletResponse response)
                                         throws ExternalAuthenticationException,
                                                IOException

Complete a request for external authentication by seeking out the information stored in request attributes and transferring to the session's conversation state, and then transfer control back to the authentication web flow.

Parameters:

key - the value returned by startExternalAuthentication(HttpServletRequest)

request - servlet request

response - servlet response

Throws:

ExternalAuthenticationException - if an error occurs

IOException - if the redirect cannot be issued

getProfileRequestContext

@Nonnull
public static org.opensaml.profile.context.ProfileRequestContext getProfileRequestContext(@Nonnull@NotEmpty
                                                                                  String key,
                                                                                  @Nonnull
                                                                                  HttpServletRequest request)
                                                                                   throws ExternalAuthenticationException

Get the ProfileRequestContext associated with a request.

Parameters:

key - the value returned by startExternalAuthentication(HttpServletRequest)

request - servlet request

Returns:

the profile request context

Throws:

ExternalAuthenticationException - if an error occurs

doStart

protected void doStart(@Nonnull
           HttpServletRequest request)
                throws ExternalAuthenticationException

Initialize a request for external authentication by seeking out the information stored in the servlet session and exposing it as request attributes.

Parameters:

request - servlet request

Throws:

ExternalAuthenticationException - if an error occurs

doFinish

protected void doFinish(@Nonnull
            HttpServletRequest request,
            @Nonnull
            HttpServletResponse response)
                 throws ExternalAuthenticationException,
                        IOException

Complete a request for external authentication by seeking out the information stored in request attributes and transferring to the session's conversation state, and then transfer control back to the authentication web flow.

Parameters:

request - servlet request

response - servlet response

Throws:

ExternalAuthenticationException - if an error occurs

IOException - if the redirect cannot be issued

getProfileRequestContext

@Nonnull
protected org.opensaml.profile.context.ProfileRequestContext getProfileRequestContext(@Nonnull
                                                                                  HttpServletRequest request)
                                                                               throws ExternalAuthenticationException

Get the ProfileRequestContext associated with a request.

Parameters:

request - servlet request

Returns:

the profile request context

Throws:

ExternalAuthenticationException - if an error occurs